March 8, 2024 at 11:49AM Open-source repositories are essential for modern applications, but can harbor security risks. A new framework from CISA and OpenSSF suggests controls like multi-factor authentication and security reporting to reduce malicious code exposure. However, the security of repositories varies, with potential for accidental inclusion of malicious packages. The risk of namesquatting … Read more
March 8, 2024 at 11:41AM Cloudflare’s San Francisco office features a wall of 100 lava lamps, known as the Wall of Entropy, used to generate randomness for encrypting internet traffic. The lamps’ changing patterns provide physical entropy, enhanced by human movement and changing light conditions. This initiative is part of the League of Entropy, a … Read more
March 8, 2024 at 10:34AM Microsoft discovered that the Russian hacking group ‘Midnight Blizzard’ accessed their internal systems and source code after stealing authentication secrets in January. They gained access using a non-production test account without multi-factor authentication. Microsoft is informing affected customers and increasing security measures to defend against these advanced persistent threats. From … Read more
March 8, 2024 at 10:01AM The Stuxnet attack from a decade ago exposed vulnerabilities in operational technology (OT) systems, particularly Siemens PLCs. Human behavior contributes to OT vulnerability, as threat actors exploit lax security practices. The convergence of IT and OT increases attack surfaces. Layered security, including device-level protection and zero trust, is crucial. Siemens … Read more
March 8, 2024 at 09:57AM Reach Security, a California startup, has secured $20 million in initial venture capital funding from Ballistic Ventures and Artisanal Ventures, among others. The company aims to enhance security management for businesses, utilizing AI-powered analytics to optimize security operations. CEO Garrett Hamilton believes their technology can revolutionize security infrastructure, offering efficiency … Read more
March 8, 2024 at 09:57AM SecurityWeek’s cybersecurity news roundup offers a concise collection of important stories that may have been overlooked. This week’s highlights include IBM’s launch of a new cyber response training facility, Google’s termination of accounts involved in influence operations, updates on Microsoft’s Secure Future Initiative, and cybersecurity resources released by CISA and … Read more
March 8, 2024 at 08:57AM UnitedHealth Group, parent company of Change Healthcare, has restored pharmacy services following a BlackCat ransomware attack. Systems are being aggressively restored, with electronic prescribing and payment transmission now fully functional. Electronic payment functionality will return on March 15, while medical claims systems will begin testing on March 18. Provider and … Read more
March 8, 2024 at 08:03AM Cybersecurity firm ESET reports that a Chinese APT group known as Evasive Panda has been targeting Tibetans through watering hole and supply chain attacks. The group has a history of cyberespionage operations primarily targeting government entities in China, India, and other Asian countries. Evasive Panda has been leveraging compromised websites … Read more
March 8, 2024 at 07:23AM Open-source repositories are crucial for modern applications, but carelessness can introduce backdoors and vulnerabilities. A new security framework by CISA and OpenSSF recommends controls to enhance security. The guidelines aim to prevent incidents like namesquatting and unintentional inclusion of malicious software in repositories. This comes as IT departments are grappling … Read more
March 8, 2024 at 06:09AM In the cybersecurity realm, secrets management is essential in safeguarding sensitive data. This involves avoiding common mistakes such as hard coding secrets, inadequate key rotation, public storage, and over-provisioning of privileges. Additional pitfalls include improper lifecycle management, lack of audit trails, and failure to encrypt Kubernetes secrets. Strategies for remedying … Read more